Easy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more WordPress Plugin Security Vulnerabilities | WPScan

8

November 27, 2025

500000

Published

2024-06-12

Title

Easy WP SMTP by SendLayer < 2.3.1 - Exposure of Sensitive Information via the UI

Fixed in

Fixed in 2.3.1

CVSS

2.7 (low)

Published

2022-11-30

Title

Easy WP SMTP < 1.5.2 - Admin+ Arbitrary File Deletion

Fixed in

Fixed in 1.5.2

CVSS

5.5 (medium)

Published

2022-11-30

Title

Easy WP SMTP < 1.5.2 - Admin+ RCE

Fixed in

Fixed in 1.5.2

CVSS

4.7 (medium)

Published

2022-11-30

Title

Easy WP SMTP < 1.5.2 - Admin+ Arbitrary File Access

Fixed in

Fixed in 1.5.2

CVSS

4.1 (medium)

Published

2022-10-10

Title

Easy WP SMTP < 1.5.0 - Admin+ PHP Objection Injection

Fixed in

Fixed in 1.5.0

CVSS

5.5 (medium)

Published

2020-12-07

Title

Easy WP SMTP < 1.4.3 - Debug Log Disclosure

Fixed in

Fixed in 1.4.3

CVSS

7.5 (high)

Published

2019-03-17

Title

Easy WP SMTP <= 1.3.9 - Unauthenticated Arbitrary wp_options Import

Fixed in

Fixed in 1.3.9.1

CVSS

n/a

Published

2017-04-14

Title

Easy WP Smtp < 1.2.5 - XSS

Fixed in

Fixed in 1.2.5

CVSS

6.1 (medium)